feat: 添加对多种登录方式的支持

issue9 · Oct 25, 2024 · 31a4228 · 31a4228
1 parent 98ecc7b
commit 31a4228
Show file tree

Hide file tree

Showing 26 changed files with 225 additions and 93 deletions.
diff --git a/admin/src/app/context/context.tsx b/admin/src/app/context/context.tsx
@@ -182,8 +182,8 @@ export function buildContext(opt: Required<buildOptions>, f: API) {
          * @param account 账号密码信息
          * @returns true 表示登录成功，其它情况表示错误信息
          */
-        async login(account: Account) {
-            const ret = await f.login(account);
+        async login(account: Account,type: string = 'password') {
+            const ret = await f.login(account, type);
             if (ret === true) {
                 uid = account.username;
                 sessionStorage.setItem(currentKey, uid);

diff --git a/admin/src/core/api/api.spec.ts b/admin/src/core/api/api.spec.ts
@@ -63,7 +63,7 @@ describe('API token', () => {
     });
 
     test('token', async () => {
-        await writeToken(Object.assign({}, token));
+        writeToken(Object.assign({}, token));
         const f = await API.build('http://localhost', '/login', 'application/json', 'zh-cn');
         let t = await f.getToken(); // 过期时间在 1 秒之内，必然未过期。
         expect(t).toEqual('access');
@@ -82,7 +82,7 @@ describe('API token', () => {
     test('login', async () => {
         const f = await API.build('http://localhost', '/login', 'application/json', 'zh-cn');
         fetchMock.mockResponseOnce(JSON.stringify(Object.assign({}, token)));
-        const ret = await f.login({ username: 'admin', password: '123' });
+        const ret = await f.login({ username: 'admin', password: '123' }, 'password');
         expect(ret).toBeTruthy();
 
         let t = await f.getToken();

diff --git a/admin/src/core/api/api.ts b/admin/src/core/api/api.ts
@@ -201,8 +201,8 @@ export class API {
      *
      * @returns 如果返回 true，表示操作成功，否则表示错误信息。
      */
-    async login(account: Account): Promise<Problem<never>|undefined|true> {
-        const token = await this.post<Token>(this.#loginPath, account, false);
+    async login(account: Account, type: string): Promise<Problem<never>|undefined|true> {
+        const token = await this.post<Token>(this.#loginPath + '?type='+type, account, false);
         if (token.ok) {
             this.#token = writeToken(token.body!);
             await this.clearCache();

diff --git a/admin/src/pages/current/login.tsx b/admin/src/pages/current/login.tsx
@@ -3,10 +3,10 @@
 // SPDX-License-Identifier: MIT
 
 import { Navigate, useNavigate } from '@solidjs/router';
-import { JSX, Match, Switch } from 'solid-js';
+import { createSignal, JSX, Match, onMount, Switch } from 'solid-js';
 
 import { useApp, useOptions } from '@/app/context';
-import { Button, Icon, ObjectAccessor, Page, Password, TextField } from '@/components';
+import { buildEnumsOptions, Button, Choice, FieldAccessor, Icon, ObjectAccessor, Page, Password, TextField } from '@/components';
 import { Account } from '@/core';
 
 /**
@@ -27,23 +27,47 @@ export function Login(): JSX.Element {
     const opt = useOptions();
     const nav = useNavigate();
 
+    const [passports, setPassports] = createSignal<Array<[string,string]>>([]);
+    const passport = FieldAccessor('passport', 'password');
+
+    onMount(async () => {
+        const r = await ctx.api.get<Array<Passport>>('/passports');
+        if (!r.ok) {
+            ctx.outputProblem(r.body);
+            return;
+        }
+        setPassports(r.body!.map((v)=>[v.name,v.desc]));
+    });
+
     const f = new ObjectAccessor<Account>({ username: '', password: '' });
 
-    return <Page title="_i.page.current.login" class="p--login palette--primary">
+    return <Page title="_i.page.current.login" class="p--login">
         <form onReset={()=>f.reset()} onSubmit={async()=>{
-            const ret = await ctx.login(f.object());
+            const ret = await ctx.login(f.object(), passport.getValue());
             if (ret === true) {
                 nav(opt.routes.private.home);
             } else if (ret) {
                 await ctx.outputProblem(ret);
             }
         }}>
-            <p class="text-lg">{ctx.locale().t('_i.page.current.login')}</p>
+            <div class="title">
+                <p class="text-2xl">{ctx.locale().t('_i.page.current.login')}</p>
+                <Choice accessor={passport} options={buildEnumsOptions(passports(), ctx)}/>
+            </div>
+
             <TextField prefix={<Icon class="!py-0 !px-1 flex items-center" icon='person' />}
                 placeholder={ctx.locale().t('_i.page.current.username')} accessor={f.accessor('username', true)} />
+
             <Password icon='password_2' placeholder={ctx.locale().t('_i.page.current.password')} accessor={f.accessor('password', true)} />
-            <Button disabled={f.accessor('username').getValue() == ''} type="submit">{ctx.locale().t('_i.ok')}</Button>
-            <Button type="reset">{ ctx.locale().t('_i.reset') }</Button>
+
+            <Button palette='primary' disabled={f.accessor('username').getValue() == ''} type="submit">{ctx.locale().t('_i.ok')}</Button>
+
+            <Button palette='secondary' type="reset">{ ctx.locale().t('_i.reset') }</Button>
         </form>
     </Page>;
 }
+
+interface Passport {
+    name: string;
+    desc: string;
+}
diff --git a/admin/src/pages/current/style.css b/admin/src/pages/current/style.css
@@ -8,7 +8,12 @@
     @apply justify-center h-full items-center;
 
     form {
-        @apply flex justify-center flex-col px-2 gap-2 w-full xs:w-80;
+        @apply flex justify-center flex-col gap-2 w-full xs:w-96 p-5;
+        @apply border border-palette-bg-low rounded-md bg-palette-bg shadow-sm shadow-palette-bg-low;
+
+        .title {
+            @apply flex justify-between mb-8;
+        }
     }
 }
 

diff --git a/admin/tailwind.preset.ts b/admin/tailwind.preset.ts
@@ -70,6 +70,7 @@ const config: PresetsConfig = {
             outlineColor: colors,
             ringColor: colors,
             divideColor: colors,
+            boxShadowColor: colors,
 
             minWidth: breakpoints,
             maxWidth: breakpoints,

diff --git a/cmfx/initial/cmd/cmd.go b/cmfx/initial/cmd/cmd.go
@@ -19,6 +19,7 @@ import (
 	"github.com/issue9/cmfx/cmfx/initial"
 	"github.com/issue9/cmfx/cmfx/modules/admin"
 	"github.com/issue9/cmfx/cmfx/modules/system"
+	"github.com/issue9/cmfx/cmfx/user/passport/password"
 )
 
 func Exec(name, version string) error {
@@ -66,6 +67,8 @@ func initServer(name, ver string, o *server.Options, user *Config, action string
 	switch action {
 	case "serve":
 		adminL := admin.Load(adminMod, user.Admin, uploadSaver)
+		adminL.Passport().Register("password2", password.New(adminL.Module(), "password2", 5), web.Phrase("another password valid"))
+
 		system.Load(systemMod, user.System, adminL)
 	case "install":
 		adminL := admin.Install(adminMod, user.Admin)

diff --git a/cmfx/modules/admin/admin.go b/cmfx/modules/admin/admin.go
@@ -4,8 +4,3 @@
 
 // Package admin 管理端的相关操作
 package admin
-
-const (
-	passwordID      = "password" // 采用密码登录的
-	defaultPassword = "123"
-)
diff --git a/cmfx/modules/admin/admintest/admintest.go b/cmfx/modules/admin/admintest/admintest.go
@@ -30,6 +30,7 @@ func NewModule(s *test.Suite) *admin.Module {
 			AccessExpired:  60 * config.Duration(time.Second),
 			RefreshExpired: 120 * config.Duration(time.Second),
 		},
+		DefaultPassword: "123",
 		Upload: &admin.Upload{
 			Size:  1024 * 1024 * 1024,
 			Exts:  []string{".jpg"},

diff --git a/cmfx/modules/admin/config.go b/cmfx/modules/admin/config.go
@@ -18,6 +18,13 @@ type Config struct {
 	// User 用户相关的配置
 	User *user.Config `json:"user" xml:"user" yaml:"user"`
 
+	// DefaultPassword 默认的密码
+	//
+	// 重置密码的操作将会将用户的密码重置为该值。
+	//
+	// 如果未设置，该值将被设置为 123
+	DefaultPassword string `json:"defaultPassword" xml:"defaultPassword" yaml:"defaultPassword"`
+
 	// 上传接口的相关配置
 	Upload *Upload `json:"upload" xml:"upload" yaml:"upload"`
 }
@@ -40,6 +47,10 @@ func (c *Config) SanitizeConfig() *web.FieldError {
 		return err.AddFieldParent("user")
 	}
 
+	if c.DefaultPassword == "" {
+		c.DefaultPassword = "123"
+	}
+
 	if c.Upload != nil {
 		if err := c.Upload.SanitizeConfig(); err != nil {
 			return err.AddFieldParent("upload")

diff --git a/cmfx/modules/admin/install.go b/cmfx/modules/admin/install.go
@@ -19,7 +19,7 @@ import (
 
 func Install(mod *cmfx.Module, o *Config) *Module {
 	user.Install(mod)
-	password.Install(mod)
+	password.Install(mod, "passwords")
 	rbac.Install(mod)
 
 	if err := mod.DB().Create(&info{}); err != nil {
@@ -52,7 +52,7 @@ func Install(mod *cmfx.Module, o *Config) *Module {
 				},
 			},
 			Username: "admin",
-			Password: defaultPassword,
+			Password: o.DefaultPassword,
 		},
 		{
 			ctxInfoWithRoleState: ctxInfoWithRoleState{
@@ -63,7 +63,7 @@ func Install(mod *cmfx.Module, o *Config) *Module {
 				},
 			},
 			Username: "u1",
-			Password: defaultPassword,
+			Password: o.DefaultPassword,
 		},
 		{
 			ctxInfoWithRoleState: ctxInfoWithRoleState{
@@ -74,7 +74,7 @@ func Install(mod *cmfx.Module, o *Config) *Module {
 				},
 			},
 			Username: "u2",
-			Password: defaultPassword,
+			Password: o.DefaultPassword,
 		},
 		{
 			ctxInfoWithRoleState: ctxInfoWithRoleState{
@@ -84,12 +84,12 @@ func Install(mod *cmfx.Module, o *Config) *Module {
 				},
 			},
 			Username: "u3",
-			Password: defaultPassword,
+			Password: o.DefaultPassword,
 		},
 	}
 
 	for _, u := range us {
-		if err := l.newAdmin(l.password, u, time.Now()); err != nil {
+		if err := l.newAdmin(u, time.Now()); err != nil {
 			panic(web.SprintError(mod.Server().Locale().Printer(), true, err))
 		}
 	}

diff --git a/cmfx/modules/admin/install_test.go b/cmfx/modules/admin/install_test.go
@@ -26,6 +26,7 @@ func TestInstall(t *testing.T) {
 			AccessExpired:  60,
 			RefreshExpired: 120,
 		},
+		DefaultPassword: "123",
 		Upload: &Upload{
 			Size:  1024 * 1024 * 1024,
 			Exts:  []string{".jpg"},

diff --git a/cmfx/modules/admin/models.go b/cmfx/modules/admin/models.go
@@ -49,10 +49,11 @@ type ctxInfoWithRoleState struct {
 	Created time.Time  `json:"created" xml:"created,attr" cbor:"created"` // 添加时间
 }
 
+// 添加新的管理员时，需要提供的数据
 type reqInfoWithAccount struct {
 	ctxInfoWithRoleState
-	Username string `json:"username" xml:"username" cbor:"username"`
-	Password string `json:"password" xml:"password" cbor:"password"`
+	Username string `json:"username" xml:"username" cbor:"username"` // 账号
+	Password string `json:"password" xml:"password" cbor:"password"` // 密码
 }
 
 func (i *info) Filter(v *web.FilterContext) {

diff --git a/cmfx/modules/admin/module.go b/cmfx/modules/admin/module.go
@@ -24,10 +24,12 @@ import (
 	"github.com/issue9/cmfx/cmfx/user/rbac"
 )
 
+const passportTypePassword = "password" // 采用密码登录的
+
 type Module struct {
-	user *user.Module
+	user            *user.Module
+	defaultPassword string
 
-	password  passport.Adapter
 	roleGroup *rbac.RoleGroup
 
 	uploadField string
@@ -46,12 +48,10 @@ func Load(mod *cmfx.Module, o *Config, saver upload.Saver) *Module {
 
 	u := user.Load(mod, o.User)
 
-	pass := password.New(mod, 8)
-	u.Passport().Register(passwordID, pass, web.StringPhrase("password mode"))
+	u.Passport().Register(passportTypePassword, password.New(mod, "passwords", 8), web.StringPhrase("password mode"))
 	m := &Module{
-		user: u,
-
-		password: pass,
+		user:            u,
+		defaultPassword: o.DefaultPassword,
 
 		uploadField: o.Upload.Field,
 
@@ -86,6 +86,7 @@ func Load(mod *cmfx.Module, o *Config, saver upload.Saver) *Module {
 	loginRate := ratelimit.New(web.NewCache(mod.ID()+"_rate", mod.Server().Cache()), 20, time.Second, nil, nil)
 
 	mod.Router().Prefix(m.URLPrefix()).
+		Get("/passports", m.getPassports).
 		Post("/login", m.postLogin, loginRate, initial.Unlimit(mod.Server())).
 		Delete("/login", m.deleteLogin, m).
 		Put("/login", m.putToken, m)
@@ -190,8 +191,8 @@ func (m *Module) Module() *cmfx.Module { return m.user.Module() }
 func (m *Module) Passport() *passport.Passport { return m.user.Passport() }
 
 // 手动添加一个新的管理员
-func (m *Module) newAdmin(pa passport.Adapter, data *reqInfoWithAccount, now time.Time) error {
-	uid, err := m.user.NewUser(pa, data.Username, data.Password, now)
+func (m *Module) newAdmin(data *reqInfoWithAccount, now time.Time) error {
+	uid, err := m.user.NewUser(m.Passport().Get(passportTypePassword), data.Username, data.Password, now)
 	if err != nil {
 		return err
 	}

diff --git a/cmfx/modules/admin/route_admins.go b/cmfx/modules/admin/route_admins.go
@@ -5,8 +5,10 @@
 package admin
 
 import (
+	"cmp"
 	"errors"
 	"net/http"
+	"slices"
 	"time"
 
 	"github.com/issue9/orm/v6"
@@ -20,11 +22,23 @@ import (
 	"github.com/issue9/cmfx/cmfx/user"
 )
 
+type respAdminInfo struct {
+	ctxInfoWithRoleState
+
+	// 当前用户已经开通的验证方式
+	Passports []*respPassportIdentity `json:"passports" xml:"passports" cbor:"passports"`
+}
+
+type respPassportIdentity struct {
+	Name     string `json:"name" xml:"name" cbor:"name"`
+	Identity string `json:"identity" xml:"identity" cbor:"identity"`
+}
+
 // # API GET /admins/{id} 获取指定的管理员账号
 //
 // @tag admin
 // @path id int 管理的 ID
-// @resp 200 * ctxInfoWithRoleState
+// @resp 200 * respAdminInfo
 func (m *Module) getAdmin(ctx *web.Context) web.Responser {
 	id, resp := ctx.PathID("id", cmfx.BadRequestInvalidPath)
 	if resp != nil {
@@ -51,10 +65,22 @@ func (m *Module) getAdmin(ctx *web.Context) web.Responser {
 		rs = append(rs, r.ID)
 	}
 
-	return web.OK(&ctxInfoWithRoleState{
-		info:  *a,
-		Roles: rs,
-		State: u.State,
+	ps := make([]*respPassportIdentity, 0)
+	for k, v := range m.Passport().Identities(id) {
+		ps = append(ps, &respPassportIdentity{
+			Name:     k,
+			Identity: v,
+		})
+	}
+	slices.SortFunc(ps, func(a, b *respPassportIdentity) int { return cmp.Compare(a.Name, b.Name) }) // 排序，尽量使输出的内容相同
+
+	return web.OK(&respAdminInfo{
+		ctxInfoWithRoleState: ctxInfoWithRoleState{
+			info:  *a,
+			Roles: rs,
+			State: u.State,
+		},
+		Passports: ps,
 	})
 }
 
@@ -204,7 +230,7 @@ func (m *Module) deleteAdminPassword(ctx *web.Context) web.Responser {
 	}
 
 	// 更新数据库
-	if err := m.password.Set(id, defaultPassword); err != nil {
+	if err := m.Passport().Get(passportTypePassword).Set(id, m.defaultPassword); err != nil {
 		return ctx.Error(err, "")
 	}
 
@@ -221,7 +247,7 @@ func (m *Module) postAdmins(ctx *web.Context) web.Responser {
 		return resp
 	}
 
-	if err := m.newAdmin(m.password, data, ctx.Begin()); err != nil {
+	if err := m.newAdmin(data, ctx.Begin()); err != nil {
 		return ctx.Error(err, "")
 	}
 	return web.Created(nil, "")

diff --git a/cmfx/modules/admin/route_current.go b/cmfx/modules/admin/route_current.go
@@ -84,7 +84,7 @@ func (m *Module) putCurrentPassword(ctx *web.Context) web.Responser {
 	}
 
 	a := m.CurrentUser(ctx)
-	err := m.password.Change(a.ID, data.Old, data.New)
+	err := m.Passport().Get(passportTypePassword).Change(a.ID, data.Old, data.New)
 	if errors.Is(err, passport.ErrUnauthorized()) {
 		return ctx.Problem(cmfx.Unauthorized)
 	} else if err != nil {